Access control lists (ACLs) are often used in networking systems to control various networking functions of a computing device. For example, a computing device may utilize an access control list to determine how an inbound network packet (e.g., from a remote device or a virtual machine switch) should be processed and/or how outbound network traffic should be handled. Further, in some circumstances, ACLs are implemented in hardware using, for example, on-die ternary lookup resources such as ternary content-addressable memory (TCAM) in order to perform lookup functions very quickly.
Including enough TCAM resources and/or other hardware lookup resources in a particular chipset to handle a very large number of ternary rules may be considered very expensive in terms of hardware cost and/or power consumption. For example, in some embodiments, a large number of virtual machines (e.g., 64-256 virtual machines) that each includes a different set of ACL rules may be utilized for access control in which case a considerable amount of TCAM (e.g., 4 MB) may be required. Although software-implemented ACL solutions may be employed for access control, they generally suffer from slower processing rates or otherwise poor performance, which may be unacceptable for many applications.